A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...
UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...
A widely used open-source PyPI package, elementary-data, was compromised in a targeted attack that inserted infostealer malware via a GitHub Actions vulnerability. The malicious update, version 0.23.3 ...
A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...
UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...
A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a ...
As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...
10hon MSN
Top open source PyPI package with over 1 million downloads each month hacked to send out malware
This was not a case of stolen credentials, but rather of vulnerability exploitation.
Malicious npm packages have been identified distributing malware that steals credentials and attempts to spread across ...
Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results